Craigslist's Dumb Lawsuit Against Spam Tools Provider

from the what-are-they-thinking? dept

It's hard to come up with an adjective to describe Craigslist's decision to sue Red Trumpet other than "dumb." Nothing good will come of this lawsuit for a variety of reasons, and Craigslist is asking for trouble in filing it. Now, I can understand why it sounded like a good idea. Last year, we wrote about the increasing problem of spam on Craigslist, highlighting how a variety of spammers had figured out ways around each attempt by Craiglist to stop the spam. And, yes, we absolutely agree that spam on Craigslist is a problem and a nuisance, and it's good that Craigslist is working hard to try to stop it. But that doesn't make this lawsuit make sense. The full lawsuit is below (it's a bit long), and highlights all of the different claims that Craigslist is making against Red Trumpet, a company that offers tools and services to help advertisers post messages on Craigslist (some of which may be spammy, though, certainly not all):

So what are the problems? Well, as Eric Goldman notes, Craigslist is "playing with fire" on a variety of legal doctrines, almost all of which could come back to bite Craigslist. For example, Craigslist is blaming Red Trumpet -- a service provider -- for the actions of its users in spamming the site. Think about that for a second. For the past couple of years, law enforcement officials have been trying to use that exact argument against Craigslist over things like prostitution posts on the site -- to which Craigslist has always put forth a strong defense that as a service provider (under Section 230 of the CDA) it's not liable for the actions of its users. Does Craigslist really want to try to establish a precedent that would chip away at Section 230 protections?

Next, Craigslist is making a really weak DMCA claim here. It's claiming that its various anti-spam technologies (captchas, phone verification, etc.) act as "technological protection measures" that Red Trumpet is circumventing... and thus running afoul of the DMCA's anti-circumvention rules. But the circumvention has nothing to do with violating Craigslist's "copyright," though the lawsuit makes a half-hearted attempt to claim that it does.

Then, there's the trademark claims. There are a few different ones, but it argues that Red Trumpet is violating Craigslist's trademark by mentioning Craigslist on its website and in its ads. While again, you can see why this is annoying to Craigslist, if the company is accurately describing services it provides (the ability to post on Craigslist) it's difficult to see the "confusion" being caused. The ad in question doesn't appear to imply any endorsement at all by Craigslist. And, does Craigslist really want to open up a can of worms concerning trademarks being used in ads? After all, there must be a ton of posts on Craigslist that mention trademarks.

Finally, there's Craigslist claiming that Red Trumpet violates the Computer Fraud and Abuse Act by accessing its site despite violating its terms of use. Does this sound familiar? It's the same argument that was used to try to punish Lori Drew, and was recently tossed out by a judge. Basically, it's claiming that if you happen to violate the terms of use of a site, and then still access the site, you've effectively "hacked" into the site. This is a really bad reading of the law, which is why it was good that the Drew ruling got tossed out. So why is Craigslist trying to re-establish that as a rule?

Yes, clearly, Craigslist is upset about the spam on the site -- and it should be. Plenty of users are upset about it, and Craigslist wants to help those users, help itself and stop the spam. But this particular lawsuit, with these claims, seem highly problematic -- such that even if Craigslist wins, the precedents it sets could come back to haunt Craigslist... and many other parts of the internet as well. Is Craigslist really so desperate to stop spam that it's willing to do all this other damage as well?

someone enlighten me

as I am not really learned in law anything...

Could you actually make a company to C&D if they are making a nuisance? For example, if someone keeps on following you everywhere, and it's bugging you, you can make him stop, right? And if someone keep on sending your mails to annoy you, you can make the person stop, right?

So if you view craigslist as a property, and this company keeps on spamming the site causing a nuisance, couldn't they get a C&D on this company and make them stop? I mean, craigslist probably have the right to stop this service from using their site? something like Red trumpet and the users of red trumpet are prohibited from using this site, or something like that.

Re: someone enlighten me

The problem here is that it's not the company that's spamming. Some of its users are using the service it provides in order to spam Craigslist. The proper course of action would be to pursue the spamming users, not the provider of a tool that exists to make perfectly legitimate postings easier and more effective.

Didn't you run a story not a few days ago that pointed out that Sony's sites were not public property, and there was no right to free speech?

CL has the right to deny service.

Further, Red trumpet is created with only one purpose, to spam the living crap out of CL and to attempt to bypass basic techniques used to avoid spamming on the site. Are they really a 230 service provider, or are they encouraging and profiting from spamming?

Wow, lot's of misconceptions in the comments today

So if you view craigslist as a property, and this company keeps on spamming the site causing a nuisance, couldn't they get a C&D on this company and make them stop? I mean, craigslist probably have the right to stop this service from using their site? something like Red trumpet and the users of red trumpet are prohibited from using this site, or something like that.

Nope, Red Trumpet is not spamming Craigslist, users of Red Trumpet's software are. And no, they couldn't just block all users of Red Trumpet software because there are plenty of legitimate uses of the software that are not Spam.

Maybe under anti stocking laws? Can't stock someone.

It's spelled "stalking". "Stocking" is what I used to do when I worked at a grocery store. And no, there is no stalking going on here.

CL has the right to deny service.
Further, Red trumpet is created with only one purpose, to spam the living crap out of CL and to attempt to bypass basic techniques used to avoid spamming on the site. Are they really a 230 service provider, or are they encouraging and profiting from spamming?

While Craigslist does have the right to deny service to anyone, banning Red Trumpet would do nothing because Red Trumpet is not actually spamming Craigslist, users of it's software are. They are simply providers of software that other people use to spam Craigslist. And as mentioned, there are legitimate uses of the software. It similar to a gun manufacturer: While a lot of guns are used in crimes, the gun manufacturer is not responsible for those crimes.

Why not do what google does...crowdsource the spam detection. Make it a requirement to provide a valid (verified) email address. Have the report spam button, and if an e-mail address reaches a threshold of reports, ban that address. I almost never get spam in my gmail account.

Also, have an option so that if, for some reason, there is a mistake, one can appeal the banhammer.

Law and Common Sense - Mutually Exclusive?

One of the basic tenets of modern society based upon law is that no one can destroy his neighbor's property to his benefit. That's why dumping toxic waste is illegal. Since Red Trumpet, metaphorically, does this, even though they do not carry out the actual act of dumping (they merely provide the proverbial means i.e. trucks, roads, fuel, passes, and fake identity), CL has a good chance of winning.

Re: Wow, lot's of misconceptions in the comments today

"Nope, Red Trumpet is not spamming Craigslist, users of Red Trumpet's software are. And no, they couldn't just block all users of Red Trumpet software because there are plenty of legitimate uses of the software that are not Spam."

They shouldn't block the Red Trumpet software, but the question was a little more general than that. Could they? If they wanted to, they could, but it would turn into a cat and mouse game like DRM.

The lawsuit isn't the way to fight this and nether is blocking the software. I'm not seeing a third option here.

Re: Law and Common Sense - Mutually Exclusive?

One of the basic tenets of modern society based upon law is that no one can destroy his neighbor's property to his benefit. That's why dumping toxic waste is illegal. Since Red Trumpet, metaphorically, does this, even though they do not carry out the actual act of dumping (they merely provide the proverbial means i.e. trucks, roads, fuel, passes, and fake identity), CL has a good chance of winning.

Nope. They have no chance. Providing the means does not make them liable. That would be like the truck manufacturer being held responsible for the dumping.

Craigslist should just learn to live with spam. It isn't going away. If they succeed in bringing down this company, another one will pop right up! What they need is a new business model; one that monetizes the spam. Stop fighting technology, Craigslist! Besides, their website isn't property, it's just a bunch of 1's and 0's. Hackers, users, and spammers should be able to do whatever they want with it. If it's intangible it doesn't matter. In conclusion, spamming websites is a fundamental human right and if you don't agree with that than you must be a Craigslist shill.

Left hand, right hand

It's my guess that this is a case of where the left hand doesn't know what the right hand is doing. There's probably some lawyer at Craigslist who is concerned about winning this particular case, not thinking about what the long term ramifications are for the company or even for the country. What's important is for him to win his case and improve his personal record, right? The real WTF is that someone at a higher level hasn't realized what a mess this will cause and stepped in to stop the case from going forward.

Is it just me or are there too many examples of the legal department going off and doing things which the regular executives should know is obviously bad for the company as a whole? Is "How to Hypnotize your CEO" a standard class in law school?

Re:

CL has the right to deny service.

OK...and this is relevent how? The question is not whether CL has the right to kick someone off their site for spamming. It's whether they can corrupt the intent of the DMCA and trademark laws to stop a company from selling a tool that can be used by users of CL to distribute spam.

230 protections don't provide coverage for being idiots.

Sometimes, as with free speech, you have to put up with idiots because upholding the overall principle is more important. If you believe that you can't hold a third-party responsible for someone else's behavior, even if they have a more than tangential involvement with that someone, then you have to realize that this will mean that sometimes safe harbors will apply to things you don't like.

For example, if you agree that it's wrong to hold an ISP responsible for its users making copyrighted material available, then you also have to agree that it's wrong to hold Red Trumpet responsible for selling software that its users use to spam.

Re: Wow, lot's of misconceptions in the comments today

It's spelled "stalking". "Stocking" is what I used to do when I worked at a grocery store. And no, there is no stalking going on here.
[snip]While Craigslist does have the right to deny service to anyone, banning Red Trumpet would do nothing because Red Trumpet is not actually spamming Craigslist, users of it's software are.

Re: Re:

For example, if you agree that it's wrong to hold an ISP responsible for its users making copyrighted material available, then you also have to agree that it's wrong to hold Red Trumpet responsible for selling software that its users use to spam.

Nope, I wouldn't agree. An ISP is not actively promoting file sharing, they are not making it easier, they are not providing a software tool to do it. They are only providing a connection, no assistance.

Craigsup was "assistance to spam". It's a very different deal and something that does not merit 230 protection.

Re: Wow, lot's of misconceptions in the comments today

"Nope, Red Trumpet is not spamming Craigslist, users of Red Trumpet's software are. And no, they couldn't just block all users of Red Trumpet software because there are plenty of legitimate uses of the software that are not Spam."

*sarcasm off, serious discussion on*
Hold on here. Please clarify.

So if I create a service on Internet I have to let everyone use it? For example, if I start a server giving people free email accounts, I have no right to say I am only limiting certain people to get the free account, but I have to give everyone who asked an account? Or let say I have a bit torrent tracker, and I want to forbid any bit torrent client that just leechs and doesn't upload. I can't say that program x and all program x users are denied. I have to denied each users one by one because some other trackers might accept program x?

I am not being sarcastic or anything. I just want to be certain if this is true because it kind of defies common sense...

Re:

uhh, why did you singled out adult section? The adult section has same kind of problem with all other sections. It's just have higher profile because people pimp themselves there. What about all the other sections that's selling stolen items and drugs? Are those lesser crime then the adult section?

Besides, if we are arguing here that it's the users at fault, CL is not to be blamed for what's going on there. They have obligations to police to certain extend but they should not be hold responsible for everything happening on the site.

craigslist

Interesting position to take: If a provider is taking specific steps to block spam by a specific company (assume id can be esblished) and that specific company continues to issue modifications to its software spcifically to get around the block, what is the effect of the DMCA. Like I always tell my clients, you can sue for whatever you want, proving it, on the other hand, is the hard part. Going to have to read this suit. Interesting observations by some of the comments here.

Are you really that dumb?

It's spelled "its". "It's" is a contraction.

Exactly. "It's" is a contraction of "It is". My sentence "It's spelled "stalking"." can also be read "It is spelled "stalking"." the apostrophe was correct.

You also apparently don't (also correct apostrophe use) know how to identify irony. Irony is: "The use of words to convey a meaning that is the opposite of its literal meaning". But that's okay, most people can't properly identify irony anyway.

Re: Re: Are you really that dumb?

Re: Re: Law and Common Sense - Mutually Exclusive?

I disagree. Manufacturing the getaway car or the pistol used in a holdup is not being guilty of a crime. Providing the car, the gun, the security guard schedule, the wiring diagram for the alarm, and the name of a stolen goods buyer makes you as guilty as the person that did the crime. It's a matter of simply proving intent and it seems obvious that the intent is to storm CL with spam.

Re: Re: Wow, lot's of misconceptions in the comments today

Are you just trying to misunderstand? Of course they have the right to block anyone for any reason or even no reason at all, but trying to block all users of a specific software would just create a cat and mouse game and would not accomplish anything.

piratebay was providing services too

Just claiming you're a service provider doesn't always cut it. I think ultimately, the service provider should have some responsibility for the action of its users if it's service is not completely "generic". For example, bit torrent sites are like a search engine, but you can't say they're like google because their services is 99% illegal downloads. If I open a "service" to allow my users to hack into CIA computers, you think they would care if I'm only a service provider?

People can use legal jardon all they want, in the end, that's why we have a jury system so people can use common sense to determine a case. If a service is intended to provide ways to by-pass security, then craigslist has some ground for argument.

On a side note, related to the ad-skipping service, what if those site now change their ad page to say "please login with "FREEPASS" to see the next page? Then if the ad-skipping program automatically enter the password for the user to skip to next page, would that consider as by passing security? With capchas, they clearly "display" the pass code needed to continue, so what's the difference?

Clearly, I don't know which side I'm on... but I'm enjoying the conversation here.

Re: Re: Re: Wow, lot's of misconceptions in the comments today

My understanding of the quote I used above is this:
1) CL cannot block users of red trumpet
2) red trumpet software is "legal" and has a right to exist because it has legitimate use.

This is a bit confusing because #1 shouldn't have anything to do with #2. The sentence structure you are using made it sound like #1 is valid because #2 is true.
#1 "they couldn't just block all users of Red Trumpet software"
BECAUSE
#2 "there are plenty of legitimate uses of the software that are not Spam."

That's why I ask for clarification. Now from your reply, I can confirm that you don't agree with #1, because you said "they have the right to block anyone for any reason or even no reason at all". Good, I agree with you. Good thing we sort it out. Now the new item you introduced is

#3 "trying to block all users of a specific software would just create a cat and mouse game and would not accomplish anything".

first of all, this has nothing to do with #1 and #2, so we have to deal it seperately.

I agree with you partially on #3, barring the "not accomplish anything" part. There is no reason that they shouldn't do this as first step. Let's apply the same sentence to, let say, heroin dealer.

-trying to stop all heroin dealers would just create a cat and mouse game and would not accomplish anything-

I think most people would disagree with that.

If red trumpet is a problem for CL. They should ban all users of red trumpet. Sites with no problem with red trumpet should continue to let RT users go on. We are not denying the existence or usefulness of RT, just that it's not welcome at CL, that's all. There is nothing wrong with that.

Now, if CL just ban RT users, there is no need to go to court on shaking legal grounds. RT continue to have their business, just not going to be able to use on CL and there is nothing wrong with that.

Discovery process.

Most likely this is a lawsuit designed to be dropped. The lawyers have a single mission. Put forth the notion that "They are maliciously targeting craigslist to perform DDoS" or other some such nonsense in order to pull for discovery of the codebase they use in order to learn how to block it.

The legal system is a tool, some people just know how to add a fulcrum to gain more leverage.

Re: Re: Re: Re: Wow, lot's of misconceptions in the comments today

Can we do classifieds without Spam ?

Craigslist is a powerful medium and as its popularity grew it has attracted spammers from all over the world. The system is rife with messages from commerical sellers, this is not the craigslist of the 1990’s. To overcome many of the issues that are faced by the everyday craigslist users, particularly spam, we are developing an instant micro-classifieds system with anonymous chat, called ‘YouHaveIWant.Com’/ YHIW takes the core idea behind craigslist , ‘connecting people’ and delivers it using some intelligent software. We would appreciate your feedback on the prototype.
Visit www.youhaveiwant.com

Re: Can we do classifieds without Spam ?

This isn't nearly as dumb a lawsuit as the author seems to think. It clearly does not rest on the same legal theory as the Drew prosecution, and would not punish people if they "just so happen" to violate ToS.

craigslist's problem is with people entering into ToS fraudulently with the specific intent of lifting information from the site and using it in a way that harms craigslist. That is exactly the kind of fraud which Congress sought to prohibit with the CFAA. Not the inadvertent ToS violation, and not cases where the person developed the intent to violate ToS sometime after gaining consent to entry.

If you read the EFF amicus brief in the Drew case (I suspect the author of the above article has not), the EFF itself stated that the CFAA was intended to prevent trespass and theft. Here, Red Trumpet's actions fall within the common law definition of trespass, being that they had no intention of honoring the ToS when they gained craigslist's authorization. In other words, they obtained consent to enter via fraud, which is-- and always has been-- common law trespass.

Note that this interpretation of the CFAA would not have affected the outcome in the Drew case.

Re: Wow, lot's of misconceptions in the comments today

see, and this is where tech folks need to go to law school, or at least talk to an attorney. the gravamen of the complaint is not that red trumpet is spamming craigslist, is that red trumpet unlawfully used data taken from the craigslist site in knowing violation of its ToS and used it to make software for the purpose of spamming craigslist.

Re:

I think that is good point. I think this whole discussion is particularly interesting and in a way shockingly ironic given Craigslist's knee-jerk use of 230 immunity for summary judgment motions and even 12b6 motions in the Gibson case(? i think). Nevertheless it's moot; I think the likelihood of Craigslist having the capacity to chip away at the very immunity they rely upon is pretty unlikely within the courts given the substantial precedent involving 230 immunity already set.

craigslist's lawsuit

Untill i read this article i truely believed that craigslist employed hackers to steal buisness from those who opt to advertise for free. Now that i have read this article perhaps i am wrong and i owe craigslist an apology. I, Cole A. Urquhart, do hereby support Craigslist in its endeavor to 100% BAR ALL spam from the world wide web. Reason; Spam is an infringment of our privacy rights and it should not have ever been created for it alows numerous loopholes for hackers to get into your system. It would not surprize me one bit if it was hackers who created spam in the first place. To stop such a lawsuite will cause more damages to the indeviduals personal life, spam is a threat to everyone who has a computer logged onto the internet and craigslist is attempting to do something good for the people and anyone who supports the people will always have my vote and, YOU DONT.